Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
tedunangst
on May 20, 2020
|
parent
|
context
|
favorite
| on:
15 years later: remote code execution in qmail
What did Debian change to introduce this vulnerability?
dsr_
on May 20, 2020
[–]
Nothing, per se. But they don't set up softlimits or message size limits by default, both of which you should definitely do... it's just that the values you put in are specific to your situation.
tom_mellior
on May 20, 2020
|
parent
[–]
If you have DJB's ego yelling at you that the default configuration is safe, why would you bother setting limits to fix it?
dependenttypes
on May 21, 2020
|
root
|
parent
|
next
[–]
DJB has been telling people to run it with the memory limits since 2005.
jacquesm
on May 20, 2020
|
root
|
parent
|
prev
[–]
Because you care more about the users than about DJB's ego.
haroldp
on May 20, 2020
|
root
|
parent
[–]
Then you should be running Postfix.
Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
